Re: [PATCH v4 4/6] sev/i386: Don't allow a system reset under an SEV-ES

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v4 4/6] sev/i386: Don't allow a system reset under an SEV-ES

From:	Paolo Bonzini
Subject:	Re: [PATCH v4 4/6] sev/i386: Don't allow a system reset under an SEV-ES guest
Date:	Tue, 26 Jan 2021 17:16:49 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.6.0

On 25/09/20 21:03, Tom Lendacky wrote:


 {
-    if (no_reboot && reason != SHUTDOWN_CAUSE_SUBSYSTEM_RESET) {
+    if (!cpus_are_resettable()) {
+        error_report("cpus are not resettable, terminating");
+        shutdown_requested = reason;
+    } else if (no_reboot && reason != SHUTDOWN_CAUSE_SUBSYSTEM_RESET) {

The error should not be emitted if "no_reboot && reason !=SHUTDOWN_CAUSE_SUBSYSTEM_RESET" (the condition has changed a bit inlatest QEMU but the idea is the same).

This is because whoever invoked QEMU could already know about thisSEV-ES limitation, and use -no-reboot (aka -action reset=shutdown in6.0) in order to change the forbidden warm reset into a shutdown+restartcold reset.


Paolo

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH v4 4/6] sev/i386: Don't allow a system reset under an SEV-ES guest, Paolo Bonzini <=
- Re: [PATCH v4 4/6] sev/i386: Don't allow a system reset under an SEV-ES guest, Tom Lendacky, 2021/01/26

Prev by Date: Re: [PATCH] coroutine-sigaltstack: Add SIGUSR2 mutex
Next by Date: Re: [PATCH] hw/block/nvme: add broadcast nsid support flush command
Previous by thread: Re: [PATCH 1/6] qapi: Add interfaces for alias support to Visitor
Next by thread: Re: [PATCH v4 4/6] sev/i386: Don't allow a system reset under an SEV-ES guest
Index(es):
- Date
- Thread